BLC Bank S.A.L (hereafter “BLC” “we” “us” “our”) is committed to protect and respect the privacy & rights of every Individual (hereafter “you”). We are dedicated to ensure the confidentiality and privacy of data entrusted to us and seek to be transparent when we collect and use your personal data. We will protect and use your personal data in the most appropriate way as indicated by this “Privacy Notice” and in accordance with the provisions of Law 81/2018 , BDL basic circular no # 146/2018, and EU General Data Protection Regulation 679/2016 (“GDPR”). We comply also with the Lebanese banking secrecy Law and therefore, maintain confidentiality regarding our customer’s data, which have been entrusted or made accessible to us with respect to the business and /or contractual relationship. In this Privacy Notice, we describe our policies and practices regarding your personal data and the way we process them; However and for further details you may refer to our Data Protection Policy.
This section aims to provide definitions for terms/expressions that have particular meaning: - Personal data : Refer to any data that identifies or may identify you, either directly or indirectly, such as your name, contact details, digital images, identification data (e.g. identity card/passport number) and authentication data (e.g. your signature) etc. - Processing : Refer to actions such as the collection, retention, use, disclosure, transfer, deletion or destruction of your personal data. - Individual : Refer to employees, representatives, shareholders, BOD members of BLC, prospective, current and former customers, authorized signatories, beneficial owners, guarantors, advisers, contractors, service providers, partners, committee members, customers, payers, payees and security providers or any other natural persons whose personal information have or will be lawfully obtained by BLC Bank in the normal course of its business. - Data Protection officer : Refer to the officer whose responsibility is to ensure that BLC is protecting individuals' personal data according to current legislation.
In order to address your request, we have to collect and process data about you. The type of personal data we process depends on the services and products requested or agreed upon in each case. We will ask you to provide us with personal data, when you intend to enter into a business and/or contractual relationship with us, as well as during the course of this relationship. Moreover, during the course of our relationship, you must disclose any changes to your personal data without undue delay.
We lawfully obtain data from: - Individuals: Either directly from you or from your authorized representatives/agents(if applicable), or via other communication channels. - Third parties: Including previous employers, other banks, credit reference agencies and Risk solution companies that enable us to manually screen potential customers and perform enhanced due diligence. - Public sources: Including press, media , internet, Commercial Register, Land Registry , Banking and Liquidation registries, lists and databases maintained by other entities including international organizations.
We collect and further process your personal data in compliance with the applicable data protection legal framework, for the following reasons: Fulfillment of contractual obligations : To perform our contractual/Business obligations. Compliance with Legal obligations : To comply with the legal obligations as well as the requirements of supervisory and regulatory authorities. Safeguarding legitimate interests : To pursue our legitimate interests. Data are processed under this ground for reasons pertaining to business activities provided that those interests do not override your fundamental rights and freedoms. Based on your consent : To process your personal data for specific purposes other than the ones described above. The lawfulness of such processing is based on your consent.
- Units and/or persons that are authorized to process your data within BLC Bank. - “Fransabank” as a Mother company, where it is necessary for our legitimate interests to do so or in order to comply with our obligations under the law. - Regulatory bodies to whom BLC is required to transfer data under the obligations of national Law and regulations. - Third parties to whom BLC is required to transfer data under the obligations of International treaties and/or binding agreements. - Third parties involved in or in connection with potential or actual litigation, arbitration or other legal process with BLC. - Service providers that deal with BLC under the duty to keep the personal data confidential. - Banks, agents, Financial Institutions, that process your personal data on our behalf are under the obligation to comply with the same personal data protection standards and safeguards as we do - Credit related companies or agencies, which have dealings with BLC.
- We retain your personal data for the purposes they were initially collected, in accordance with the law and relevant regulations. - We may need to retain your data for a period longer than 10 years after the termination of our relationship in order to comply with regulatory or legal requirements. - We may need to store your Personal data for a period exceeding 10 years to satisfy our legitimate purposes. - Records can be held on a variety of media (physical or electronic) and formats.
We may process some of your data by automatic means, in order to evaluate certain personal aspects (profiling), in the following cases: - We carry out data evaluations (including on payment transactions) in the context of our anti-money laundering, anti-terrorism financing and anti-fraud measures. - We employ credit scoring to assess your creditworthiness, so that we can evaluate whether customers will meet their contractual payment obligations and to make fair and responsible decisions regarding the provision of our services and products, especially in the context of providing banking facilities, including loans and overdrafts.
We only use your personal data for direct marketing purposes if: - You have given us your explicit consent to do so, in which case you may revoke such consent at any time. - Where we believe that such processing is necessary for pursuing our legitimate interests.
We respect the rights you have under the personal data legal framework, namely the following: - The right to access your Personal Data or be provided with a copy of the data being held about you. - The right to request the correction of any inaccuracies in your Personal Data. - The right to request the erasure of your Personal Data, particularly where the continued processing of the data is no longer necessary. - The right to object to the processing of your Personal Data, particularly where there are no longer sufficient legitimate grounds for us to continue processing the data. - The right to data portability, which means to receive a copy of the personal data that you have provided to us and to transmit those data to another organization and/or to request that we transmit such data directly to another organization. - The right to appeal any automated decision making or profiling. - The right to withdraw any consent you may have provided. - The right to fill a complaint to the Data Protection Officer in case of unlawful processing of your Personal Data. You can exercise any of your rights by referring to any of our branches or by contacting our Data Protection Officer using the details set out in paragraph 15. It is important to note that the rights set out above are not unconditional and the specific circumstances of the processing being undertaken by BLC determines if these rights may be exercised. Further data concerning these rights and their application can be obtained from the Data Protection Officer.
The Bank commits to take the appropriate and reasonable administrative and technical measures for the safety of the data and their protection from accidental or unlawful loss, misuse, forbidden transmission or access and of any other form of unlawful processing. Although we are fully committed to protect your personal data, security cannot be absolutely guaranteed against threats. In the event that we become aware of a data breach, which may cause you a disadvantage, we will notify you accordingly without undue delay. Moreover you are responsible for protecting and maintaining protection of any identification, authentication and other security measures regarding our services and products (e.g. PIN numbers, usernames and passwords, mobile devices, card numbers and account numbers), as described in the relevant contracts and/or terms and conditions.
This Privacy Notice may be updated from time to time and without prior notice, in order to reflect our current practices and/or in accordance with any changes in the applicable legal framework. You will always be able to find the most recent version on BLC website and application. Any visit you make to the site or application where the notice is published subsequent to its update is considered as your approval to the updated version.
For any matters arising out of and/or in connection with this Privacy Statement, you can contact our Data Protection Officer (DPO) on the following address: Email: [email protected] Tel : 961 1 387000